d5354bd6c50ce9af01dc94585e7f7c5a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d5354bd6c50ce9af01dc94585e7f7c5a_JaffaCakes118
Size

450KB
MD5

d5354bd6c50ce9af01dc94585e7f7c5a
SHA1

6a13f6b19f2d072427ec6db04fed4ac2fa754e01
SHA256

f6d91da61c36de46a9b75e4f819081e9853b24e6ee38ea936f9d15de3102abe5
SHA512

f4a085d9ce02272cb6a7720c846b534f139124f8c1f3c937fa8125e4ea630b53f6d1b7a60f9bbca835b031f27ccb05c0d55f7e93198e5d0bf66ebe798b15da37
SSDEEP

12288:2Em989hX6fxr1uiTuqzrc1/4wJWOVRGdTjOO:Tm982fxrjc1/4siTjO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5354bd6c50ce9af01dc94585e7f7c5a_JaffaCakes118

Files

d5354bd6c50ce9af01dc94585e7f7c5a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

1313e06e5ed26ceefefe68ddff7284fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\@aw\clientEx\Release\client.pdb

Imports

user32

RegisterClassA
CreateWindowExA
ShowWindow
SetWindowPos
GetSystemMetrics
GetWindowRect
AdjustWindowRectEx
SetWindowLongA
LoadCursorA
GetSystemMenu
DeleteMenu
TranslateMessage
DispatchMessageA
PeekMessageA
DefWindowProcA
PostQuitMessage
DestroyWindow
SetCapture
ReleaseCapture
MessageBoxA
FindWindowA
GetCursorPos
ScreenToClient
GetDC
ReleaseDC

wsock32

WSACleanup
closesocket
connect
htons
recv
send
socket
WSAStartup
WSAAsyncSelect

opengl32

glDrawElements
glEnableClientState
glMultMatrixf
glNormalPointer
glTexCoordPointer
glVertexPointer
glDepthRange
glDisableClientState
glViewport
glOrtho
glLightModeli
glEnable
glBegin
glColor4f
glEnd
glTexCoord2f
glVertex2f
glColor3f
glDisable
glShadeModel
glVertex3f
glBlendFunc
glClear
glFlush
glGetIntegerv
glFogi
glFogfv
glFogf
glClearColor
wglMakeCurrent
wglDeleteContext
wglCreateContext
glLightfv
glTexParameteri
glTexImage2D
glRasterPos2f
glPushAttrib
glPopAttrib
glNewList
glListBase
glGenTextures
glGenLists
glEndList
glDeleteLists
glInitNames
glLoadIdentity
glColor3fv
glCallLists
glBindTexture
glAlphaFunc
wglUseFontBitmapsA
glMatrixMode
glLoadMatrixf
glPolygonMode
glLineWidth
glDepthFunc
glColor3bv
glColor3b
glTranslatef
glScalef
glRotatef
glPushMatrix
glPopMatrix
glSelectBuffer
glRenderMode
glPushName
glLoadName

glu32

gluPerspective
gluPickMatrix
gluBuild2DMipmaps

gdiplus

GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipBitmapLockBits
GdipBitmapUnlockBits

kernel32

GetTimeZoneInformation
OutputDebugStringW
WriteConsoleW
LoadLibraryExW
HeapReAlloc
FlushFileBuffers
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetCurrentThreadId
GetConsoleCP
SetFilePointerEx
ReadConsoleW
RaiseException
GetProcessHeap
GetModuleFileNameW
WriteFile
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
InitializeCriticalSectionAndSpinCount
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateFileW
RtlUnwind
GetStringTypeW
CloseHandle
WideCharToMultiByte
MultiByteToWideChar
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
ExitProcess
DecodePointer
DeleteCriticalSection
EncodePointer
GetCommandLineA
ReadFile
HeapFree
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
HeapAlloc
GetLastError
GetFileType
SetStdHandle
GetConsoleMode
LeaveCriticalSection
EnterCriticalSection
HeapSize
CompareStringW
LCMapStringW
Sleep
GlobalFree
GlobalAlloc
GetConsoleWindow
SetConsoleTitleA
FreeConsole
AllocConsole
SetConsoleCtrlHandler
GetTickCount
GetStdHandle
GetModuleHandleA
SetEnvironmentVariableA
SetEndOfFile
GetStartupInfoW

gdi32

GetCharWidthA
SwapBuffers
SetPixelFormat
CreateFontA
DeleteObject
SelectObject
ChoosePixelFormat

ole32

CreateStreamOnHGlobal

Sections

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1313e06e5ed26ceefefe68ddff7284fd

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

wsock32

opengl32

glu32

gdiplus

kernel32

gdi32

ole32

Sections

.text Size: 337KB - Virtual size: 337KB

.rdata Size: 77KB - Virtual size: 76KB

.data Size: 12KB - Virtual size: 3.5MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 22KB - Virtual size: 21KB

.text
Size: 337KB - Virtual size: 337KB

.rdata
Size: 77KB - Virtual size: 76KB

.data
Size: 12KB - Virtual size: 3.5MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 22KB - Virtual size: 21KB